package com.zhouheng.module.login.controller;

import com.zhouheng.common.entity.ResponseVo;
import com.zhouheng.common.exception.UnauthorizedException;
import com.zhouheng.common.util.JWTUtil;
import com.zhouheng.module.login.database.UserBean;
import com.zhouheng.module.login.database.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.*;

@RestController
public class WebController {

    private UserService userService;

    public WebController(UserService userService) {
        this.userService = userService;
    }

    @RequestMapping("/login")
    public ResponseVo login(@RequestBody UserBean user) {
        String username = user.getUsername();
        String password = user.getPassword();
        UserBean userBean = userService.getUser(username);
        //实际开发中，这里应该是加密过后的密码比对
        if (userBean!=null && userBean.getPassword().equals(password)) {
            return new ResponseVo(200, "Login success", JWTUtil.sign(username, password));
        } else {
            throw new UnauthorizedException("用户验证失败");
        }
    }

    /**
     * 游客可以访问的接口，登陆用户也可以访问，但是展示内容不一样
     *
     * @return 返回 response vo 描述此返回参数
     * @author 周恒
     * @date 20181003 11:09:15
     * @since v1.0
     */
    @GetMapping("/article")
    public ResponseVo article() {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            //有权限时展示正式内容
            return new ResponseVo(200, "You are already logged in", null);
        } else {
            //没权限时展示游客内容（未登陆成功）
            return new ResponseVo(200, "You are guest", null);
        }
    }

    /**
     * RequiresAuthentication 一定需要认证
     *
     * @return 返回 response vo 描述此返回参数
     * @author 周恒
     * @date 20181003 12:31:04
     * @since v1.0
     */
    @GetMapping("/require_auth")
    @RequiresAuthentication
    public ResponseVo requireAuth() {
        return new ResponseVo(200, "You are authenticated", null);
    }

    @GetMapping("/require_role")
    @RequiresRoles("admin")
    public ResponseVo requireRole() {
        return new ResponseVo(200, "You are visiting require_role", null);
    }

    @GetMapping("/require_permission")
    @RequiresPermissions(logical = Logical.AND, value = {"view", "edit"})
    public ResponseVo requirePermission() {
        return new ResponseVo(200, "You are visiting permission require edit,view", null);
    }

    /**
     * 没有权限
     *
     * @return 返回 response vo 描述此返回参数
     * @author 周恒
     * @date 20181003 10:40:08
     * @since v1.0
     */
    @RequestMapping(path = "/401")
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public ResponseVo unauthorized() {
        return new ResponseVo(401, "Unauthorized", null);
    }

}
